1. Hotfix Release Information

Resolved Known Issues

Trend Micro Apex Central™ as a Service

This Hotfix resolves the following issue(s):

Issue 1 (SEG-101938),

The "Retain tree structure" option for the Agent Migration Tool does not work.

Solution

This Hotfix resolves this issue.

Issue 2 (SEG-100949),

Users can modify Apex One settings after accessing the Apex One console through Single Sign-On (SSO) using an account with "Read-Only" privileges.

Solution

This Hotfix ensures that only accounts with the required privileges can be used to modify the Apex One settings.

Issue 3 (SEG-103496),

An issue prevents users from successfully exporting advanced search results on the "User/Endpoint Directory" page.

Solution

This Hotfix resolves the issue.

Issue 4 (SEG-103195),

The open and close parenthesis characters, "(" and ")", cannot be used in regular expressions.

Solution

This Hotfix resolves this issue.

Issue 5 (SEG-102545),

An issue prevents Apex Central from generating weekly spyware reports.

Solution

This Hotfix resolves the issue to ensure that weekly spyware reports are generated successfully.

Issue 6 (SEG-101371),

After the Active Directory (AD) sync process has been updated to make it deterministic, it may not be able to run normally in some AD environments.

Solution

This Hotfix ensures that AD sync runs normally.

Issue 7 (SEG-102791),

When the inheritance option is set to "Extend from Parent", the scan exclusion list becomes read only and the "Deviations" field in the policy list displays "N/A". When this happens, users cannot add exclusions to child policies.

Solution

The Hotfix ensures that users can edit child policies.

NOTE: Policies will need to be deployed again after after applying this Hotfix.

Procedure

To deploy the policies again:

  1. Save a copy of the child policy exclusion list or export the policy as backup.
  2. Install this Hotfix (see "Installation").
  3. Click the Parent policy and click "Deploy". The Deviations of child policies that belong to the parent policy should change from "N/A" to a number value. 

NOTES:

  • If the Deviations remain at "N/A", click the child policy and click "Deploy".
  • If the Deviations becomes "0", follow the steps below to recover the exclusion list.

To recover the exclusion list:

  1. Open the exported policy file in Notes.
  2. Locate the following line:

    "policyName":"YOUR_ORIGIONAL_POLICY_NAME"

  3. Replace "YOUR_ORIGIONAL_POLICY_NAME" in the "YOUR_ORIGIONAL_POLICY_NAME_copy" format.
  4. Save the changes and close the file.
  5. Import this policy into Apex Central. The "YOUR_ORIGIONAL_POLICY_NAME_copy" Policy is created.
  6. Compare the contents of "YOUR_ORIGIONAL_POLICY_NAME_copy" Policy to the backup you created in step 1 and add the missing items to the child policy.

Issue 8 (SEG-103504),

An issue prevents Apex Central from downloading forensic files when it is connected to the Apex One Server through an HTTP Proxy.

Solution

This Hotfix ensures that Apex Central can download forensic files normally while connected to the Apex One Server through an HTTP Proxy.

Issue 9 (SEG-102584),

A full program path that contains an ampersand character "&" cannot be deleted from the approved programs list of the Behavior Monitoring policy.

Solution

This Hotfix resolves this issue.

Issue 10 (SEG-105455),

All agents are incorrectly sorted into "without policy" if the owner of an existing policy has been removed from Apex Central.

Solution

This Hotfix resolves this issue.

Issue 11 (SEG-104354),

An out-of-memory exception prevents the Active Directory (AD) sync job from completing normally.

Solution

This Hotfix resolves the issue.

Issue 12 (SEG-105774),

The "Log On with Domain Credentials" button on the login page is disabled.

Solution

This Hotfix resolves this issue.

Issue 13 (SEG-107160),

SSO fails because it uses up a large amount of port resources.

Solution

This Hotfix resolves this issue.

Issue 14 (SEG-86048),

An issue causes "CmdProcessor.exe" to stop unexpectedly.

Solution

This Hotfix resolves this issue.

Issue 15 (SEG-101748),

An issue triggers Apex Central to stop sending event logs to Threat Intelligence Center.

Solution

This Hotfix resolves the issue so Apex Central sends event logs to Threat Intelligence Center normally.

Issue 16 (SEG-94260),

An issue prevents users from importing the User-Defined Suspicious Object (UDSO) list manually using "ImportSOFromCSV.exe".

Solution

This Hotfix resolves this issue so the USDO list can be imported manually using "ImportSOFromCSV.exe".

Issue 17 (SEG-98544),

An issue prevents Apex Central from updating the product information for InterScan for Microsoft Exchange.

Solution

This Hotfix resolves this issue.

Issue 18 (SEG-74099),

Apex Central cannot update the status of endpoints while running MDR tasks when the IP address list contains a semicolon ";".

Solution

This Hotfix resolves the issue by enabling the parsing process to recognize the semicolon as a delimiter when sending information to the TIC server.

Trend Micro Apex One™ as a Service

This Hotfix resolves the following issue(s):

Issue 1 (SEG-103992),

An issue related to the Spyware/Grayware Scan Engine causes the system performance to slow down.

Solution

This Hotfix updates the Spyware/Grayware Scan Engine to resolve this issue.

Issue 2 (SEG-102746),

False Data Loss Protection alerts may be generated when violation logs contain an empty host name.

Solution

This Hotfix updates the Data Protection module to resolve this issue.

Issue 3 (SEG-95257),

The Device Control feature reads different Device IDs for USB Storage Devices on different Security Agent computers.

Solution

This Hotfix updates the Data Protection module to resolve this issue.

Issue 4 (SEG-100858), (SEG-105882), (SEG-104597), (SEG-104833), (SEG-101780),

An issue related to the Location Awareness feature may cause the Web Reputation Service (WRS) to appear "Unavailable" on the "Agent Management" page of the Apex One web console and Security Agent console.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 5 (SEG-97834), (PDGJIRA-36),

Remote Desktop Services may not be able to start on endpoints where Behavior Monitoring is enabled.

Solution

This Hotfix updates the Behavior Monitoring module to resolve this issue.

Issue 6 (SEG-99718), (PDGJIRA-0008),

Users cannot add a RAM disk to the approved device lists because Data Loss Prevention(TM) (DLP) does not support this device.

Solution

This Hotfix updates the Data Protection module and Device List Tool (listDeviceInfo.exe) to resolve this issue.

Issue 7 (PDGJIRA-245), (SEG-104388), (SEG-106166),

The Apex One Deep Discovery Service stops unexpectedly while processing a sample file when the filename string is too long.

Solution

This Hotfix updates the Apex One server program to resolve this issue.

Issue 8 (SEG-103219),

The 3rd-party Eclipse program cannot be launched on when the Apex One Security Agent has Predictive Machine Learning enabled for process detections.

Solution

This Hotfix updates the Contextual Intelligence Engine to resolve the issue.

Issue 9 (SEG-105374),

The "Enable Firewall" button is disabled unexpectedly after users disable the Apex One Firewall service by right-clicking the Security Agent icon in the Microsoft(TM) Windows(TM) task bar.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 10 (SEG-103196),

An issue related to the Apex One Predictive Machine Learning detections may cause the Apex One Real-time Scan ("Ntrtscan.exe") service to stop unexpectedly. When this happens, a "Protection At Risk: Contact your administrator" error message displays on the Windows Action Center.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 11 (SEG-104467),

User-based Device Control policy may not work properly on endpoints with the Apex One Security Agent installed if the Data Protection Service is not enabled on the Security Agent.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 12 (SEG-102717),

An issue related to the Location Awareness feature may cause the Apex One Security Agent to not update the Smart Scan Agent Pattern successfully.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 13 (SEG-106268),

Sometimes, the Apex One as a Service Server status appear as "Abnormal" on the Apex Central web console.

Solution

This Hotfix updates the Apex One server program to resolve this issue.

Issue 14 (SEG-107907),

The Application Control Server uses up a large portion of system memory when handling Application Control criteria and policies.

Solution

This Hotfix updates the Application Control Server files to resolve this issue.

Issue 15 (SEG-106029),

The Application Control agent cannot correctly allow or block applications launched by the operating system.

Solution

This Hotfix updates the Application Control Agent files to resolve this issue.

Issue 16 (SEG-107909),

The Application Control criteria behaves abnormally after a switch in user accounts on a protected computer.

Solution

This Hotfix updates the Application Control Agent files to resolve this issue.

Issue 17 (SEG-107987),

The Application Control server may not be able to handle policy tasks efficiently when a large number of policies are deployed at the same time.

Solution

This Hotfix updates the Application Control Server files to resolve this issue.

Issue 18 (SEG-103259),

Security Agents that enabled the Apex One Predictive Machine Learning (for Process detections) feature may experience high CPU usage issues on the Trend Micro Unauthorized Change Prevention Service.

Solution

This Hotfix updates the Contextual Intelligence Engine to resolve the issue.

Issue 19 (SEG-104831), (SEG-106471), (SEG-107815),

When the Apex One Data Protection Service is enabled on Apex One Security Agent computers, blue screen of death (BSOD) may occur when these computers are upgraded to Windows 10 October 2020 Update (20H2).

Solution

This Hotfix updates the Data Protection module to resolve this issue.

Issue 20 (SEG-106749), (SEG-109287),

An issue prevents the Security Agent installation package (MSI) from being upgraded agents from OfficeScan XG / XG SP1.

Solution

This Hotfix updates the Apex One server program to resolve this issue.

Issue 21 (SEG-105485),

Certain third-party web applications may not work properly on endpoints with the Apex One Firewall enabled.

Solution

This Hotfix resolves the issue by updating the Apex One Security Agent program and adjusting the service flow of the Trend Micro NDIS 6.0 Filter Driver (TmLWF.sys) in the Apex One Firewall.

Issue 22 (SEG-104584),

The Apex One Vulnerability Protection server service may stop or take a long time to process detection logs from the Security Agent when there are invalid detection logs.

Solution

This Hotfix improves the Apex One Intrusion Prevention log processing logic. This helps the Security Agent to acknowledge the logs faster.

Issue 23 (SEG-106863),

Websites may load slowly or not load properly when the Trend Micro Unauthorized Change Prevention Service is enabled.

Solution

This Hotfix enables users to change the way Apex One queries predefined tokens which can help prevent the issue.

Procedure

To change the way Apex One queries predefined tokens and deploy the solution globally:

  1. Install this Hotfix (see "Installation").
  2. Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
  3. Under the "Global Setting" section, manually add the "AegisDisableQueryFromPEB" key and set its value to "1".
  • [Global Setting]
  • AegisDisableQueryFromPEB=1
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entry on all Apex One agent computers:
  • Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
  • Key: DisableQueryFromPEB
  • Type: DWORD
  • Value: 1
  1. Restart the Apex One security agent.

Issue 24 (SEG-104798),

Apex One Security Agents may appear "Offline" after the security agent is re-connected to the network through third-party VPN applications.

Solution

This Hotfix updates the Apex One Security Agent program to resolve this issue.

Issue 25 (SEG-108743), (SEG-109033),

Unable to remove the last IP range in Smart Protection Sources on the Apex One SaaS web console due to an incorrect warning.

Solution

The hotfix removes the warning on the SaaS server to resolve the issue.

Issue 26 (SEG-109397),

A Trend Micro Census Server connection issue related to the Trend Micro Unauthorized Change Prevention Service causes a slow system response while users browse the Internet.

Solution

This Hotfix allows users to configure a Behavior Monitoring Setting to help prevent the connection issue.

Procedure

To update the setting and deploy the solution globally:

  1. Install this Hotfix (see "Installation").
  2. Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
  3. Under the "Global Setting" section, manually add the "AegisUseQueriedCensusResult" key and set its value to "1".
  • [Global Setting]
  • AegisUseQueriedCensusResult=1
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entry on all Apex One agent computers:
  • Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
  • Key: UseQueriedCensusResult
  • Type: DWORD
  • Value: 1
  1. Restart the Apex One security agent.

Issue 27 (SEG-109399),

An issue related to the Trend Micro Unauthorized Change Prevention Service causes the Horizon VMWARE CDR and RDSH applications to stop responding.

Solution

This Hotfix updates the Behavior Monitoring module and enables users to configure Apex One to skip certain events to help prevent the issue.

Procedure

To configure Apex One to skip certain events to help prevent the issue and deploy the solution globally:

  1. Install this Hotfix (see "Installation").
  2. Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
  3. Under the "Global Setting" section, manually add the "tmevtmgr_SkipRdpDr" key and set its value to "1".
  • [Global Setting]
  • tmevtmgr_SkipRdpDr=1
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entry on all Apex One agent computers:
  • Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmevtmgr\Parameters
  • Key: SkipRdpDr
  • Type: DWORD
  • Value: 1
  1. Restart the Apex One security agent.

Issue 28 (SEG-109189),

After migrating an OfficeScan 11/XG agent to an Apex One Security Agent, the Wireless NIC interface may be enabled unexpectedly if the Data Protection Service is enabled.

Solution

This Hotfix updates the Data Protection module to resolve this issue.

Issue 29 (SEG-106994),

A large number of "root" log-in logs are generated in the Apex One system event log because Apex Central periodically sends policies and commands to Apex One.

Solution

This Hotfix provides a way to minimize the number of "root" log-in logs in the system event log.

Procedure

To reduce the number of "root" login logs in the System Event log:

  1. Install this Hotfix (see "Installation").
  2. Open the "ofcserver.ini" file in the "\PCCSRV\Private" folder in the Apex One server installation directory.
  3. Under the "INI_SERVER_SECTION" section, manually add the "EnableSSOPolicyLoginAuditing" and AddIPtoLoginAccount and set both to "0".
  • [INI_SERVER_SECTION]
  • EnableSSOPolicyLoginAuditing=0
  • AddIPtoLoginAccount=0
  1. Save the changes and close the file.
  • EnableSSOPolicyLoginAuditing
  • Values: 0: (Default) reduces the number of "root" log-in logs 1: Keep large number of "root" log-in logs
  • AddIPtoLoginAccount
  • Values: 0: (Default) show the log-in account information without the IP address 1: show the log-in account with the IP address

Trend Micro Apex One™ (Mac) as a Service

This Hotfix resolves the following issue(s):

Issue 1 (PDGJIRA-2571),

The TMCNTMgmt process may run into a memory leak issue while the Apex One (Mac) Security Server updates the certificate file.

Solution

This Hotfix updates TMCNTMgmt to resolve the memory leak issue.

Issue 2 (PDGJIRA-2585),

The RecoveryPackDownloader process may download and execute the same package more than once.

Solution

This Hotfix updates RecoveryPackDownloader to resolve this issue.

Issue 3 (SEG-105169),

"Restricting access to the console" may appear while double click the Apex One(Mac) Security Agent icon in Dock.

Solution

This Hotfix resolves the issue by updating the reopen function.

Enhancements

Trend Micro Apex Central™ as a Service

The following enhancements are included in this Hotfix:

Enhancement 1 (SEG-103015),

This Hotfix improves the Active Directory (AD) synchronization tool so that Apex Central can synchronize the AD even if a reporting staff account is disabled between synchronization tasks.

Enhancement 2 (SEG-103537),

This Hotfix enables Apex Central to match both Account Display Name and sAMAccountName when users search for User Accounts in the Device Control Rule and Application Control Rule of the Apex One Security Agent policy. Apex Central will return both the matching Account Display Name and sAMAccountName in the "Display Name \ sAMAccountName" format.

Enhancement 3 (SEG-105141),

This Hotfix replaces "Unactivated Licenses" to "Inactive Licenses" on the Apex Central web console.

Trend Micro Apex One™ as a Service

The following enhancements are included in this Hotfix:

Enhancement 1 (SEG-104757),

This Hotfix enables the Apex One Vulnerability Protection module to support user-defined mode changes for each Intrusion Prevention rule.

Procedure

To configure the user-defined mode:

  1. Install this Hotfix (see "Installation").
  2. Open the Apex Central web console and go to the "Policies > Policy Resources > Intrusion Prevention Rules" screen.
  3. Click on the "Mode" of the target rule.
  4. Select the preferred mode option and click "Save" to save the changes.
  5. Go to the "Policies > Policy Management" screen and deploy the policy to agents.

Enhancement 2 (SEG-107984),

This Hotfix updates the Application Control files to extend the maximum number of Application Control Criteria to 500 in the assign rule screen of the Trend Micro Apex Central(TM) web console.

Enhancement 3 (SEG-107990),

This Hotfix updates the Application Control files to enable the Application Control Criteria certificate to support the plus sign "+".

Enhancement 4 (SEG-104197),

This Hotfix enables the Apex One Security Agent program to support Microsoft Windows(TM) 10 (version 21H1) May 2021 Update.

Enhancement 5 (SEG-109625), (PDGJIRA-249),

This Hotfix adds a count-dependent log purge function to enhance the retention mechanism for detection logs.

Enhancement 6 (PDGJIRA-192), (SEG-109628),

This Hotfix enables users to configure the Security Agent to create a single firewall log entry for recurring detections of the same firewall violation within a specified time range.

Procedure

To enable the new settings and deploy the solution globally:

  1. Install this Hotfix (see "Installation").
  2. Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
  3. Under the "Global Setting" section, manually add the following keys and values.
  • [Global Setting]
  • PFWLogDedupEnable=1
  • PFWLogDedupPeriod=600
  • NOTE: To disable the setting, set the "PFWLogDedupEnable" key to "0". The "PFWLogDedupPeriod" key supports value between 600 and 3600 and it is set to 600 by default.
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entries on all Apex One agent computers:
  • Path:
  • For x64 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW\
  • For x86 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW\
  • Key: PFWLogDedupEnable
  • Type: DWORD
  • Value: 1
  • Key: PFWLogDedupPeriod
  • Type: DWORD
  • Value: 600

Trend Micro Apex One™ (Mac) as a Service

The following enhancements are included in this Hotfix:

Enhancement 1 (PDGJIRA-2562),

This Hotfix updates the pattern in the Apex One (Mac) agent installer to reduce potential false alarms.

Enhancement 2 (PDGJIRA-2574),

This Hotfix adds more exception lists into the "TmAntiMalware.conf.plist" file for iCore.

Enhancement 3 (PDGJIRA-2576),

This Hotfix replaces old 3P documents with all-in-one 3P documents.

Additional Information

Trend Micro Apex Central™ as a Service

No additional information available.

Trend Micro Apex One™ as a Service

Security Agent version: 14.0.9461

Security Agent restart: Required

Estimated size of network traffic (in terms of bandwidth) required for deployment:

  • 32-bit Security Agent Hotfix = 241.5 MB
  • 64-bit Security Agent Hotfix = 274.7 MB

Trend Micro Apex One™ (Mac) as a Service

Security Agent Version: 3.5.5208

Security Agent Restart Requirement: Not required

Estimated size of network traffic (in terms of bandwidth) required for deployment:

64-bit Security Agent Hotfix = 133MB

Additional Requirements: Enable web browser extension (https://success.trendmicro.com/solution/000273346)

2. Documentation Set

    The document set includes:

  • Trend Micro Apex One™ as a Service documents
    • Readme: Contains a list of known issues and may also contain late-breaking product information not found in the Online Help or printed documentation.
    • Knowledge Base: An online database of problem-solving and troubleshooting information. It provides the latest information about known product issues. To access the Knowledge Base, go to the following website: http://esupport.trendmicro.com
  • Trend Micro Apex Central™ as a Service documents
    • Administrator's Guide: A PDF document that provides detailed instructions for how to configure and manage the Trend Micro Apex Central™ as a Service console and features.
    • Data Protection Lists (Chapter 1 only): A PDF document that lists predefined data identifiers and templates for Data Loss Prevention.
    • Widget and Policy Management Guide: Explains how to configure Dashboard widgets and Policy Management widgets on the Trend Micro Apex Central™ as a Service console.
    • Automation Center: Online user guides and references that explain how to use the Apex Central Automation APIs: https://automation.trendmicro.com/apex-central/home
    • Online Help: Provides "how to's", usage advice, and field-specific information. The Help is also accessible from the Trend Micro Apex Central™ as a Service console.
  • Trend Micro Apex One™ server documents
    • Administrator's Guide: A PDF document that discusses getting started information and Trend Micro Apex One™ server administration.
    • Online Help: Provides "how to's", usage advice, and field-specific information. The Help is accessible from the Trend Micro Apex One™ server, agent, and Policy Server consoles, and from the OfficeScan Master Setup.
  • Trend Micro Apex One™ (Mac) server documents
    • Administrator's Guide: A PDF document that discusses getting started information and Trend Micro Apex One™ (Mac) server administration.
    • Online Help: Provides "how to's", usage advice, and field-specific information for Trend Micro. The Help is also accessible from the Trend Micro Apex One™ as a Service console.
  • Security Agent documents
    • Trend Micro Apex One™ Security Agent Online Help: Discusses getting started information, Trend Micro Apex One™ Security Agent installation procedures, and Trend Micro Apex One™ Security Agent management.
    • Trend Micro Apex One™ Security Agent Readme: Contains a list of known issues and may also contain late-breaking product information not found in the Online Help or printed documentation.
    • Trend Micro Apex One™ (Mac) Security Agent Online Help: Discusses getting started information, Trend Micro Apex One™ (Mac) Security Agent installation procedures, and Trend Micro Apex One™ (Mac) Security Agent management.

    Download the latest versions of the PDF documents and readme at our online documentation.

3. Post-installation Configuration

No post-installation steps are required.

NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.

4. Known Issues

Trend Micro Apex Central™ as a Service

There are no known issues for this Hotfix release.

Trend Micro Apex One™ as a Service

Known issues in this release:

Known issue 1

Security Agent consoles running build 13.95 display an incorrect policy name. To resolve this issue, upgrade the Security Agent to 14.0. After the Security Agent contacts the server, the policy name displays correctly.

Known issue 2

Off-premises and Security Agents in Independent mode cannot update the Certified Safe Software Pattern from external update sources.

Known issue 3

Coexist mode Security Agents on endpoints with Windows Defender may experience installation issues or be unable to upload data to the Apex One server due to a file locking issue. To resolve this issue, add Endpoint Sensor (ESEServiceShell.exe and ESClient.exe) in the exclusions list of Windows Defender to prevent the locking issue.

Known issue 4

After copying a file to a remote server using a relative path as the source, Apex One is unable to translate the relative path into the full system directory.

Known issue 5

The quality of RCA analysis chain image files is reduced when viewing the files using Windows 10 Photo Viewer.

Known issue 6

When attempting to start a Historical Investigation from the Attack Discovery Detections widget that includes Registry value name or Registry value data criteria, the Historical Investigation displays an error message if the length of the Registry value name exceeds 260 characters or the Registry value data exceeds 64 characters.

Known issue 7

After updating the Attack Discovery Pattern file (tmesadp.ptn) on Security Agents, a database schema error may occur that causes the Endpoint Sensor feature to continuously report the same detections to the server during each synchronization. This causes duplicate records to display on the Apex Central server.

Known issue 8

Root Cause Analysis email attachment results may also include temporary files created when the user saved the file.

Known issue 9

The number of matched endpoints that display on a Root Cause Analysis chain may appear to be greater than the total if the Security Agent on an endpoint was uninstalled or no longer reports to the same managing server.

Known issue 10

The Endpoint Sensor service may have high memory usage.

Known issue 11

The Endpoint Sensor may have high peak CPU usage occasionally.

Known issue 12

Endpoint Sensor has CPU peak during Windows Update phase.

Known issue 13

The user or account name in ADE detection may be empty.

Known issue 14

The EC module may stop responding while handling NULL data which may cause the ESEService and ADE functionality to behave abnormally.

Known issue 15
In rare conditions, ESEService stops responding while unloading.

Trend Micro Apex One™ (Mac) as a Service

Known issues in this release:

Known issue 1

After enabling the Scan Time Machine option for Manual Scan and Scheduled Scan, Apex One (Mac) cannot perform any actions (clean, quarantine, or delete) on detected malware threats due to a permission limitation in Mac OS. Configured scan actions are displayed as unsuccessful in the product logs.

Known issue 2

When performing a historical investigation on Apex One (Mac) endpoints, the system replaces a slash (/) with a colon (:) in file names, preventing users from searching for file names that contain backslashes in investigation results.

To resolve this issue, use a colon (:) to search for the files.

5. Contact Information

A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees.

Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.

https://www.trendmicro.com/en_us/contact.html

NOTE: This information is subject to change without notice.

6. About Trend Micro

Smart, simple, security that fits

As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.

Copyright 2020, Trend Micro Incorporated. All rights reserved.

Trend Micro, Trend Micro Apex Central, Trend Micro Apex One, Trend Micro Apex One (Mac) and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies.

7. License Agreement

View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html

Third-party licensing agreements can be viewed:

  • By selecting the "About" option in the application user interface
  • By referring to the "Legal" page of the Administrator's Guide
Back to Top